aan_and_encryption_9fs_service

make it possible to use aan and encryption for
netbooted terminals/cpu servers.

maybe have a tunnel like service started thru
aux/listen that will establish aan and tls
for the client and then just dial the local
fileserver and rely between the tunnel and the fs.

discussion:

Jul 2, 2012
#2 ricardo….@gmail.com
Have you seen this patches?
http://www.9legacy.org/9legacy/patch/tls-devtls-rc4-256.diff
http://www.9legacy.org/9legacy/patch/tls-devtls-sha2.diff
http://www.9legacy.org/9legacy/patch/exportfs-tls.diff

Jul 2, 2012
Project Member #3 cinap_le…@[REDACTED]
yes. but exportfs/import already use ssl for encryption.
these patches add tls support to exportfs. i’m not a crypto
expert, so i dont know whats the gain over the current use
of ssl.
9fs is a different matter.

Jul 5, 2012
#4 ricardo….@gmail.com
Since you said that TLS would be nice, I thought you have missed the patches, sorry about that.
Regarding TLC, it is the “successor” of SSL 3.0 as it served as basics for TLS 1.0. The only real difference between both is that SSL connections starts encrypted while in TLS you start with an unencrypted “hello” string. TLS 1.0 is SSL 3.1. TLS is only worth if it’s TLS 1.2 and up.